Can Symfony be deployed with a hot but read-only cache?

Question

Symfony2 requires that its cache is writable by the process under which it runs, even in production. However, malicious alteration of that cache could lead to arbitrary code execution and/or arbitrary changes to one's application (and accidental corruption thereof could lead to software failure).

Surely it's good practice to enforce restrictions in the OS that prevent any compromise of public-facing systems from escalating to such arbitrary degrees?

One thought is to deploy a hot but read-only cache of executable code (which is usually static anyway), so that the production system cannot modify it thereafter; dynamic data, e.g. from Doctrine, could still be cached somewhere writable—but it would never be evaluated for code execution.

Is this a supported configuration? If so, how? Or am I being overly paranoid?

Answer 1

I don't think Symfony supports this yet since there is still an open item on GitHub addressing this very issue:

https://github.com/symfony/symfony/issues/23354

Answer 2

I've been working on this as well. This becomes a lot more feasible in Symfony 3.3 because the filecache finally supports relative filepaths and dynamic environment variables (in the container).

Try the following and see if it works for you:

# locally
$ app/console cache:clear --no-debug --env=dev
$ app/console cache:warmup --no-debug --env=dev

# for production
$ app/console cache:clear --no-debug --env=prod
$ app/console cache:warmup --no-debug --env=prod